(mod_security) mod_security (id:225080) triggered by 200.201.204.2 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:225080) triggered by 200.201.204.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 25 00:04:43.068830 2024] [security2:error] [pid 14979] [client 200.201.204.2:50620] [client 200.201.204.2] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^[\\\\d\\\\.ab]+$" against "ARGS_GET:2825" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "143"] [id "225080"] [rev "1"] [msg "COMODO WAF: XSS vulnerability in Plupload before 2.1.9 or MediaElement.js before 2.21.0, as used in WordPress before 4.5.2 (CVE-2016-4566 & CVE-2016-4567)||www.soonerstone.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.soonerstone.com"] [uri "/wp-includes/js/tinymce/plugins/wpeditimage/"] [unique_id "ZbHr61rZt86OXph_9ZWCzwAAAAs"], referer: soonerstone.com show less
(mod_security) mod_security (id:225080) triggered by 200.201.204.2 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:225080) triggered by 200.201.204.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 24 21:42:03.343975 2024] [security2:error] [pid 14697] [client 200.201.204.2:59638] [client 200.201.204.2] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^[\\\\d\\\\.ab]+$" against "ARGS_GET:2825" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "143"] [id "225080"] [rev "1"] [msg "COMODO WAF: XSS vulnerability in Plupload before 2.1.9 or MediaElement.js before 2.21.0, as used in WordPress before 4.5.2 (CVE-2016-4566 & CVE-2016-4567)||www.taekwondoit.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.taekwondoit.com"] [uri "/wp-includes/js/tinymce/plugins/wpautoresize/"] [unique_id "ZbHKe834jD0fNa8f9OfOmQAAAAU"], referer: taekwondoit.com show less
(mod_security) mod_security (id:225080) triggered by 200.201.204.2 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:225080) triggered by 200.201.204.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 24 20:49:24.407422 2024] [security2:error] [pid 30903] [client 200.201.204.2:41048] [client 200.201.204.2] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^[\\\\d\\\\.ab]+$" against "ARGS_GET:2825" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "143"] [id "225080"] [rev "1"] [msg "COMODO WAF: XSS vulnerability in Plupload before 2.1.9 or MediaElement.js before 2.21.0, as used in WordPress before 4.5.2 (CVE-2016-4566 & CVE-2016-4567)||www.humbliaslaw.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.humbliaslaw.com"] [uri "/backup/wp-includes/js/tinymce/plugins/wpeditimage/"] [unique_id "ZbG-JHP0IUmWcZ_eZ5S1yQAAABk"], referer: humbliaslaw.com show less
(mod_security) mod_security (id:77140864) triggered by 200.201.204.2 (BR/Brazil/-): 1 in the last 36 ... show more(mod_security) mod_security (id:77140864) triggered by 200.201.204.2 (BR/Brazil/-): 1 in the last 3600 secs show less
[MonJan1523:34:47.5796132024][security2:error][pid26340:tid47240225777408][client200.201.204.2:0][cl ... show more[MonJan1523:34:47.5796132024][security2:error][pid26340:tid47240225777408][client200.201.204.2:0][client200.201.204.2]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\$mozilla\^\|mozilla/[45]\\\\\\\\.[1-9]\|\^mozilla/4\\\\\\\\.0\$\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"345\"][id\"330131\"][rev\"3\"][msg\"Atomicorp.comWAFRules:MaliciousBotBlocked\(FakeMozillaUserAgentStringDetected\)\"][severity\"CRITICAL\"][hostname\"foreveryoungonline.ch\"][uri\"/index.php\"][unique_id\"ZaWzB_Lvd0dMowwI3JO-cQAAAEo\"]\,referer:foreveryoungonline.ch[MonJan1523:34:50.6320292024][security2:error][pid26340:tid47240225777408][client200.201.204.2:0][client200.201.204.2]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\$mozilla\^\|mozilla/[45]\\\\\\\\.[1-9]\|\^mozilla/4\\\\\\\\.0\$\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"345\"][id\"330131\"][rev\"3\"][msg\"Atomicorp.comWAFR show less
[MonJan1515:40:15.4521762024][security2:error][pid22275:tid47631302747904][client200.201.204.2:0][cl ... show more[MonJan1515:40:15.4521762024][security2:error][pid22275:tid47631302747904][client200.201.204.2:0][client200.201.204.2]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\$mozilla\^\|mozilla/[45]\\\\\\\\.[1-9]\|\^mozilla/4\\\\\\\\.0\$\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"345\"][id\"330131\"][rev\"3\"][msg\"Atomicorp.comWAFRules:MaliciousBotBlocked\(FakeMozillaUserAgentStringDetected\)\"][severity\"CRITICAL\"][hostname\"shadowdrummer.ch\"][uri\"/index.php\"][unique_id\"ZaVDz4Ex7ViToOlgG3rpqwAAAQk\"]\,referer:shadowdrummer.ch[MonJan1515:40:16.3176642024][security2:error][pid22232:tid47631300646656][client200.201.204.2:0][client200.201.204.2]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\$mozilla\^\|mozilla/[45]\\\\\\\\.[1-9]\|\^mozilla/4\\\\\\\\.0\$\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"345\"][id\"330131\"][rev\"3\"][msg\"Atomicorp.comWAFRules:Malic show less